The FireBreak Intrusion Suppression System operates behind the firewall to impede worm propagation on your network. It will instantly alert you to an outbreak and identify infected systems on your network.

How do firewalls stop worms?

Firewall products filter network traffic flowing through the monitored link, allowing "good" traffic to pass, while blocking "bad" traffic. Firewalls are a critical part of a network defense-in-depth strategy, but in the modern age of pervasive networking they have certain limitations.

How effective are firewalls against modern worms?

Modern firewalls provide excellent protection at the traditional network perimeter. However, the modern enterprise doesn't have control over the perimeter like it once did. Worms inevitably sneak in -- usually by going around the firewall, sometimes by riding in on adware and spyware through a browser connection.

Firewalls cannot easily distinguish between legitimate traffic and some internet worm traffic. Firewalls are only effective when the network traffic flows through the firewall link. In a modern network, mobile computing devices (laptops, PDAs, etc.) can become contaminated with a network worm while outside the protective envelope of the firewall, and then connect to an internal network directly, allowing worms to spread unimpeded.

In the age of pervasive networking, worms get around firewalls or come through them directly and reach your systems. Laptops connect directly to the unfiltered internet on home DSL or cable modem networks, where worms new and old are continuously scanning for vulnerable systems. Worm-infested PCs are then brought back into the office and connected directly to the network. Within moments of connecting, the infected system starts probing your network -- behind the firewall -- and spreads the infection to other vulnerable systems. Sometimes the user of the original system has already finished checking email and disconnected from the network before the outbreak is detected. The same infected laptop can move from office to office, starting a new worm outbreak each time.

Hardening Internal Networks against Worms

Firewalls separating internal networks are often proposed as an attempt to mitigate rampant worm (or human) attacks. In most cases, however, these quickly become difficult to manage or contain too many holes to be very effective.